juniper@R2# SHO ^ unknown command. juniper@R2# SHO| ^ unknown command. juniper@R2# show | display set | no-more set version 9.5R4.3 set system host-name R2 set system time-zone Asia/Hong_Kong set system root-authentication encrypted-password "$1$TE3ooCIs$UkMO9cjp4Kn1eK8aK1piC." set system name-server 8.8.8.8 set system login user juniper uid 2003 set system login user juniper class super-user set system login user juniper authentication encrypted-password "$1$PpNFvvzR$y9rBbLGjRRs82mQgXDXYT1" set system services ftp set system services ssh set system services telnet set system services web-management http set system syslog file messages archive set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 set interfaces ge-0/0/2 unit 0 family inet address 23.1.1.2/24 set interfaces ge-0/0/3 unit 0 family inet address 192.168.128.145/24 set policy-options policy-statement OSPF term 1 from instance VR set policy-options policy-statement OSPF term 1 from protocol static set policy-options policy-statement OSPF term 1 from route-filter 1.1.1.1/32 exact set policy-options policy-statement OSPF term 1 then metric 1111 set policy-options policy-statement OSPF term 1 then external type 2 set policy-options policy-statement OSPF term 1 then accept set policy-options policy-statement OSPF term 2 from instance VR set policy-options policy-statement OSPF term 2 from protocol static set policy-options policy-statement OSPF term 2 from route-filter 2.2.2.2/32 exact set policy-options policy-statement OSPF term 2 then metric 444 set policy-options policy-statement OSPF term 2 then external type 1 set policy-options policy-statement OSPF term 2 then accept set policy-options policy-statement OSPF term Other from protocol static set policy-options policy-statement OSPF term Other from route-filter 0.0.0.0/0 exact set policy-options policy-statement OSPF term Other then metric 100 set policy-options policy-statement OSPF term Other then accept set security forwarding-options family mpls mode packet-based set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.0 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.0 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# run show route table ^ syntax error, expecting . [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 01:35:33 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 01:35:33 Local via ge-0/0/3.0 VR.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 1d 21:48:56 > to 23.1.1.13 via ge-0/0/2.0 1.1.1.1/32 *[Static/5] 1d 21:48:56 > to 23.1.1.13 via ge-0/0/2.0 2.2.2.2/32 *[Static/5] 1d 21:48:56 > to 23.1.1.13 via ge-0/0/2.0 12.1.1.0/24 *[Direct/0] 4d 05:40:28 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 05:40:28 Local via ge-0/0/0.0 23.1.1.0/24 *[Direct/0] 1d 21:48:56 > via ge-0/0/2.0 23.1.1.2/32 *[Local/0] 4d 05:40:28 Local via ge-0/0/2.0 224.0.0.5/32 *[OSPF/10] 4d 05:40:29, metric 1 MultiRecv [edit] juniper@R2# run show route instance VR in ^ syntax error. juniper@R2# run show route instance VR Instance Type Primary RIB Active/holddown/hidden VR virtual-router VR.inet.0 8/0/0 [edit] juniper@R2# run show route instance VR ? Possible completions: <[Enter]> Execute this command brief Display brief output (default) detail Display detailed output summary Display summary output | Pipe through a command [edit] juniper@R2# run show route instance VR brief Instance Type Primary RIB Active/holddown/hidden VR virtual-router VR.inet.0 8/0/0 [edit] juniper@R2# run show route instance VR summary Instance Type Primary RIB Active/holddown/hidden VR virtual-router VR.inet.0 8/0/0 [edit] juniper@R2# run show route instance VR detail VR: Router ID: 12.1.1.2 Type: virtual-router State: Active Interfaces: ge-0/0/0.0 ge-0/0/2.0 Tables: VR.inet.0 : 8 routes (8 active, 0 holddown, 0 hidden) [edit] juniper@R2# dh ^ unknown command. juniper@R2# show interfaces \ d s ^ invalid interface type in '\ d'. juniper@R2# show interface\ d s error: syntax error: interface\ d [edit] juniper@R2# show interfaces | display set set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 set interfaces ge-0/0/2 unit 0 family inet address 23.1.1.2/24 set interfaces ge-0/0/3 unit 0 family inet address 192.168.128.145/24 [edit] juniper@R2# run show interfaces terse Interface Admin Link Proto Local Remote ge-0/0/0 up up ge-0/0/0.0 up up inet 12.1.1.2/24 gr-0/0/0 up up ip-0/0/0 up up ls-0/0/0 up up lt-0/0/0 up up mt-0/0/0 up up pd-0/0/0 up up pe-0/0/0 up up ge-0/0/1 up down ge-0/0/2 up up ge-0/0/2.0 up up inet 23.1.1.2/24 ge-0/0/3 up up ge-0/0/3.0 up up inet 192.168.128.145/24 dsc up up gre up up ipip up up lo0 up up lo0.16384 up up inet 127.0.0.1 --> 0/0 lo0.16385 up up inet 10.0.0.1 --> 0/0 10.0.0.16 --> 0/0 128.0.0.1 --> 0/0 128.0.1.16 --> 0/0 inet6 fe80::205:86ff:fe71:1400 lo0.32768 up up lsi up up mtun up up pimd up up pime up up pp0 up up st0 up up tap up up vlan up up [edit] juniper@R2# [edit] juniper@R2# show interfaces | display set set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 set interfaces ge-0/0/2 unit 0 family inet address 23.1.1.2/24 set interfaces ge-0/0/3 unit 0 family inet address 192.168.128.145/24 [edit] juniper@R2# run show route in ^ 'in' is ambiguous. Possible completions: IP address and optional prefix length of destination inactive-path Show inactive paths inactive-prefix Show inactive route destinations instance Show routing instances information juniper@R2# run show route instance VR detail VR: Router ID: 12.1.1.2 Type: virtual-router State: Active Interfaces: ge-0/0/0.0 ge-0/0/2.0 Tables: VR.inet.0 : 8 routes (8 active, 0 holddown, 0 hidden) [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.0 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 unit 0 family inet address 23.1.1.2/24 [edit] juniper@R2# replace pattern ge-0/0/2 with ge-0/0/2.1 error: invalid trailing input '.0' for 'ge-0/0/2.1.0' [edit routing-instances VR] 'interface ge-0/0/2.0' could not rename to 'interface ge-0/0/2.1.0' [edit] juniper@R2# show interfaces ge-0/0/2 | display set [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.0 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# replace pattern ge-0/0/2.0 with ge-0/0/2.1 [edit] juniper@R2# get ^ unknown command. juniper@R2# getro ^ unknown command. juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show interfaces ge-0/0/2 | display set [edit] juniper@R2# show interfaces | display set | match 0/0/2 set interfaces ge-0/0/2.1 unit 0 family inet address 23.1.1.2/24 [edit] juniper@R2# delete interfaces ge-0/0/2.1 warning: statement not found [edit] juniper@R2# show interfaces | display set | match 0/0/2 set interfaces ge-0/0/2.1 unit 0 family inet address 23.1.1.2/24 [edit] juniper@R2# exit The configuration has been changed but not committed warning: Auto rollback on exiting 'configure exclusive' Discard uncommitted changes? [yes,no] (yes) yes warning: discarding uncommitted changes Exiting configuration mode juniper@R2> configure exclusive warning: uncommitted changes will be discarded on exit Entering configuration mode Users currently editing the configuration: juniper terminal d0 (pid 17092) on since 2011-06-03 11:20:48 HKT, idle 4d 05:44 [edit] [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 unit 0 family inet address 23.1.1.2/24 [edit] juniper@R2# set interfaces ge-0/0/2 vlan-tagging [edit] juniper@R2# set interfaces ge-0/0/2.1 vlan-tags 21 ^ syntax error. juniper@R2# set interfaces ge-0/0/2.1 vlan-tags ? Possible completions: <[Enter]> Execute this command inner [tpid.]vlan-id, tpid format is 0xNNNN and is optional outer [tpid.]vlan-id, tpid format is 0xNNNN and is optional | Pipe through a command [edit] juniper@R2# set interfaces ge-0/0/2.1 vlan-tags [edit] juniper@R2# get ^ unknown command. juniper@R2# show interfaces ge | ^ missing or invalid fpc number in 'ge'. juniper@R2# show interfaces ge | error: missing or invalid fpc number in 'ge': ge [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 0 family inet address 23.1.1.2/24 set interfaces ge-0/0/2 unit 1 vlan-tags [edit] juniper@R2# set interfaces ge-0/0/2 unit 1 family inet address 22.22.22.22/24 [edit] juniper@R2# delete interfaces ge-0/0/2 unit 0 [edit] juniper@R2# set interfaces ge-0/0/2 unit 2 family inetad ^ syntax error. juniper@R2# set interfaces ge-0/0/2 unit 2 family inetad ^ syntax error. juniper@R2# set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-tags set interfaces ge-0/0/2 unit 1 family inet address 22.22.22.22/24 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 [edit] juniper@R2# delete interfaces ge-0/0/2 unit 1 [edit] juniper@R2# set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 [edit] juniper@R2# set interfaces ge-0/0/2 unit 2 vlan- ^ 'vlan-' is ambiguous. Possible completions: vlan-id Virtual LAN identifier value for 802.1q VLAN tags (0..4094) > vlan-tags IEEE 802.1q tags [edit] juniper@R2# set interfaces ge-0/0/2 unit 2 vlan-id ? Possible completions: Vlan identifier [edit] juniper@R2# set interfaces ge-0/0/2 unit 2 vlan-id 22 [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 [edit] juniper@R2# set interfaces ge-0/0/2 unit 1 vlan-id 21 [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.0 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# delete routing-instances VR interface ge-0/0/2.0 [edit] juniper@R2# set routing-instances VR interface ge-0/0/2.1 [edit] juniper@R2# set routing-instances VR interface ge-0/0/2.2 [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# commit check configuration check succeeds [edit] juniper@R2# commit commit complete [edit] juniper@R2# runsh ^ unknown command. juniper@R2# run show interfaces terse | match ge-0/0/2 ge-0/0/2 up up ge-0/0/2.1 up up inet 21.21.21.21/24 ge-0/0/2.2 up up inet 22.22.22.22/24 ge-0/0/2.32767 up up [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 01:42:47 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 01:42:47 Local via ge-0/0/3.0 VR.inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 05:47:42 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 05:47:42 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:00:20 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:00:20 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:00:20 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:00:20 Local via ge-0/0/2.2 224.0.0.5/32 *[OSPF/10] 4d 05:47:43, metric 1 MultiRecv [edit] juniper@R2# set routing-instances FBF in ^ 'in' is ambiguous. Possible completions: instance-type Type of routing instance > interface Interface name for this routing instance juniper@R2# set routing-instances FBF instance-type forwarding [edit] juniper@R2# set routing-instances FBF routing-options static 0/0 ^ syntax error. juniper@R2# set routing-instances FBF routing-options static 0/0n ^ syntax error. juniper@R2# set routing-instances FBF routing-options static route 0/0 qualified-next-hop 21.21.21.23 [edit] juniper@R2# show routing-instances FBF | display set set routing-instances FBF instance-type forwarding set routing-instances FBF routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.23 [edit] juniper@R2# exit The configuration has been changed but not committed warning: Auto rollback on exiting 'configure exclusive' Discard uncommitted changes? [yes,no] (yes) yes warning: discarding uncommitted changes Exiting configuration mode juniper@R2> configure exclusive warning: uncommitted changes will be discarded on exit Entering configuration mode Users currently editing the configuration: juniper terminal d0 (pid 17092) on since 2011-06-03 11:20:48 HKT, idle 4d 05:50 [edit] [edit] juniper@R2# set routing-instances VPN instance-type forwarding [edit] juniper@R2# set routing-instances VPN routing-options static route 0/0 next-hop 21.21.21.23/24 ^ invalid input at '/24' in ip address '21.21.21.23/24' at '21.21.21.23/24' [edit] juniper@R2# set routing-instances VPN routing-options static route 0/0 next-hop 21.21.21.23 [edit] juniper@R2# show routing-instances VPN | display set set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 [edit] juniper@R2# set routing-instances TO_VAS instance-type forwarding [edit] juniper@R2# set routing-instances TO_VAS routing-options static route 0/0 qualified-next-hop 22.22.22.23 [edit] juniper@R2# show routing-instances TO_VAS | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 [edit] juniper@R2# show routing-instances | ds ^ syntax error, expecting . juniper@R2# show routing-instances | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# set firewall family fi ^ syntax error. juniper@R2# set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 [edit] juniper@R2# set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 [edit] juniper@R2# set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 [edit] juniper@R2# set firewall family inet filter PBR term VPN then routing-instance V ^ 'V' is ambiguous. Possible completions: Name of routing instance VPN VR [edit] juniper@R2# set firewall family inet filter PBR term VPN then routing-instance VPN [edit] juniper@R2# show firewall | display set set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 set firewall family inet filter PBR term VPN then routing-instance VPN [edit] juniper@R2# set firewall family inet filter PBR term TO_VAS from protocol tcp [edit] juniper@R2# set firewall family inet filter PBR term TO_VAS from destination-port http [edit] juniper@R2# set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.180/32 [edit] juniper@R2# set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.172/32 [edit] juniper@R2# set firewall family inet filter PBR term TO_VAS from destination-address 192.168.151.250/32 [edit] juniper@R2# set firewall family inet filter PBR term TO_VAS then routing-instance TO_VAS [edit] juniper@R2# set firewall family inet filter PBR term OTHNER then accept [edit] juniper@R2# show firewall | display set set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 set firewall family inet filter PBR term VPN then routing-instance VPN set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.180/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.172/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.151.250/32 set firewall family inet filter PBR term TO_VAS from protocol tcp set firewall family inet filter PBR term TO_VAS from destination-port http set firewall family inet filter PBR term TO_VAS then routing-instance TO_VAS set firewall family inet filter PBR term OTHNER then accept [edit] juniper@R2# set routing-options in ^ 'in' is ambiguous. Possible completions: + instance-export Export policy for instance RIBs + instance-import Import policy for instance RIBs > interface-routes Define routing table groups for interface routes juniper@R2# set routing-options interface-routes rib-group inet PBR [edit] juniper@R2# set routing-options rib-groups PBR import-rib inet.0 [edit] juniper@R2# set routing-options rib-groups PBR import-rib VPN.inet.0 [edit] juniper@R2# set routing-options rib-groups PBR import-rib TO_VAS.inet.0 [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib TO_VAS.inet.0 [edit] juniper@R2# show routing-instances | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 [edit] juniper@R2# set interfaces ge-0/0/0 unit 0 family inet in ^ syntax error. juniper@R2# set interfaces ge-0/0/0 unit 0 family inet filter input PBR [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# show | compare [edit interfaces ge-0/0/0 unit 0 family inet] + filter { + input PBR; + } [edit] + routing-options { + interface-routes { + rib-group inet PBR; + } + rib-groups { + PBR { + import-rib [ inet.0 VPN.inet.0 TO_VAS.inet.0 ]; + } + } + } + firewall { + family inet { + filter PBR { + term VPN { + from { + destination-address { + 192.168.55.1/32; + 69.17.117.207/32; + 203.186.52.24/32; + } + } + then { + routing-instance VPN; + } + } + term TO_VAS { + from { + destination-address { + 192.168.62.180/32; + 192.168.62.172/32; + 192.168.151.250/32; + } + protocol tcp; + destination-port http; + } + then { + routing-instance TO_VAS; + } + } + term OTHNER { + then accept; + } + } + } + } [edit routing-instances] + TO_VAS { + instance-type forwarding; + routing-options { + static { + route 0.0.0.0/0 { + qualified-next-hop 22.22.22.23; + } + } + } + } + VPN { + instance-type forwarding; + routing-options { + static { + route 0.0.0.0/0 next-hop 21.21.21.23; + } + } + } [edit] juniper@R2# commit commit complete [edit] juniper@R2# [edit] juniper@R2# show routing-instances | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show interfaces ge-0/0/0 | display set set interfaces ge-0/0/0 unit 0 family inet filter input PBR set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 [edit] juniper@R2# show firewall | display set set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 set firewall family inet filter PBR term VPN then routing-instance VPN set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.180/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.172/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.151.250/32 set firewall family inet filter PBR term TO_VAS from protocol tcp set firewall family inet filter PBR term TO_VAS from destination-port http set firewall family inet filter PBR term TO_VAS then routing-instance TO_VAS set firewall family inet filter PBR term OTHNER then accept [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib TO_VAS.inet.0 [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 01:52:13 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 01:52:13 Local via ge-0/0/3.0 VR.inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 05:57:08 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 05:57:08 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:09:46 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:09:46 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:09:46 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:09:46 Local via ge-0/0/2.2 224.0.0.5/32 *[OSPF/10] 4d 05:57:09, metric 1 MultiRecv TO_VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:30 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:30 Local via ge-0/0/3.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:30 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:30 Local via ge-0/0/3.0 [edit] juniper@R2# [edit] juniper@R2# show routing-instances | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show routing-instances | display set |match 0.0.0.0 set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 set routing-instances VR interface ge-0/0/0.0 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib TO_VAS.inet.0 [edit] juniper@R2# set routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib TO_VAS.inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 01:53:43 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 01:53:43 Local via ge-0/0/3.0 VR.inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 05:58:38 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 05:58:38 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:11:16 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:11:16 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:11:16 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:11:16 Local via ge-0/0/2.2 192.168.128.0/24 *[Direct/0] 00:00:06 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:06 Local via ge-0/0/3.0 224.0.0.5/32 *[OSPF/10] 4d 05:58:39, metric 1 MultiRecv TO_VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:06 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:06 Local via ge-0/0/3.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:06 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:06 Local via ge-0/0/3.0 [edit] juniper@R2# [edit] juniper@R2# show routing-instances | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib TO_VAS.inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# show firewall | display set set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 set firewall family inet filter PBR term VPN then routing-instance VPN set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.180/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.172/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.151.250/32 set firewall family inet filter PBR term TO_VAS from protocol tcp set firewall family inet filter PBR term TO_VAS from destination-port http set firewall family inet filter PBR term TO_VAS then routing-instance TO_VAS set firewall family inet filter PBR term OTHNER then accept [edit] juniper@R2# show routing-instances | display set | match 0.0.0.0/0 set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# show firewall | display set set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 set firewall family inet filter PBR term VPN then routing-instance VPN set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.180/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.172/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.151.250/32 set firewall family inet filter PBR term TO_VAS from protocol tcp set firewall family inet filter PBR term TO_VAS from destination-port http set firewall family inet filter PBR term TO_VAS then routing-instance TO_VAS set firewall family inet filter PBR term OTHNER then accept [edit] juniper@R2# set firewall family inet filter PBR term VPN from interfaceV ^ syntax error. juniper@R2# set firewall family inet filter PBR term VPN from ins ^ syntax error. juniper@R2# set firewall family inet filter PBR term VPN from ? Possible completions: > address Match IP source or destination address + apply-groups Groups from which to inherit configuration data + apply-groups-except Don't inherit configuration data from these groups > destination-address Match IP destination address + destination-port Match TCP/UDP destination port + destination-port-except Do not match TCP/UDP destination port > destination-prefix-list Match IP destination prefixes in named list + dscp Match Differentiated Services (DiffServ) code point + dscp-except Do not match Differentiated Services (DiffServ) code point + esp-spi Match IPSec ESP SPI value + esp-spi-except Do not match IPSec ESP SPI value first-fragment Match if packet is the first fragment + forwarding-class Match forwarding class + forwarding-class-except Do not match forwarding class fragment-flags Match fragment flags (in symbolic or hex formats) + fragment-offset Match fragment offset + fragment-offset-except Do not match fragment offset + icmp-code Match ICMP message code + icmp-code-except Do not match ICMP message code + icmp-type Match ICMP message type + icmp-type-except Do not match ICMP message type > interface Match interface name + interface-group Match interface group + interface-group-except Do not match interface group > interface-set Match interface in set + ip-options Match IP options + ip-options-except Do not match IP options is-fragment Match if packet is a fragment + packet-length Match packet length + packet-length-except Do not match packet length + port Match TCP/UDP source or destination port + port-except Do not match TCP/UDP source or destination port + precedence Match IP precedence value + precedence-except Do not match IP precedence value > prefix-list Match IP source or destination prefixes in named list + protocol Match IP protocol type + protocol-except Do not match IP protocol type service-filter-hit Match if service-filter-hit is set > source-address Match IP source address + source-port Match TCP/UDP source port + source-port-except Do not match TCP/UDP source port > source-prefix-list Match IP source prefixes in named list tcp-established Match packet of an established TCP connection tcp-flags Match TCP flags (in symbolic or hex formats) tcp-initial Match initial packet of a TCP connection + ttl Match IP ttl type + ttl-except Do not match IP ttl type [edit] juniper@R2# set firewall filter FBF fi ^ syntax error. juniper@R2# set firewall filter FBF fa ^ syntax error. juniper@R2# set firewall filter FBF fa ^ syntax error. juniper@R2# set firewall filter FBF ? Possible completions: + accounting-profile Accounting profile name + apply-groups Groups from which to inherit configuration data + apply-groups-except Don't inherit configuration data from these groups interface-specific Defined counters are interface specific > term Define a firewall term [edit] juniper@R2# set firewall filter FBF term ? Possible completions: Term name [edit] juniper@R2# set firewall filter FBF term VPN fo ^ syntax error. juniper@R2# [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# show firewall | display set set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 set firewall family inet filter PBR term VPN then routing-instance VPN set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.180/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.172/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.151.250/32 set firewall family inet filter PBR term TO_VAS from protocol tcp set firewall family inet filter PBR term TO_VAS from destination-port http set firewall family inet filter PBR term TO_VAS then routing-instance TO_VAS set firewall family inet filter PBR term OTHNER then accept [edit] juniper@R2# show policy-options | display set set policy-options policy-statement OSPF term 1 from instance VR set policy-options policy-statement OSPF term 1 from protocol static set policy-options policy-statement OSPF term 1 from route-filter 1.1.1.1/32 exact set policy-options policy-statement OSPF term 1 then metric 1111 set policy-options policy-statement OSPF term 1 then external type 2 set policy-options policy-statement OSPF term 1 then accept set policy-options policy-statement OSPF term 2 from instance VR set policy-options policy-statement OSPF term 2 from protocol static set policy-options policy-statement OSPF term 2 from route-filter 2.2.2.2/32 exact set policy-options policy-statement OSPF term 2 then metric 444 set policy-options policy-statement OSPF term 2 then external type 1 set policy-options policy-statement OSPF term 2 then accept set policy-options policy-statement OSPF term Other from protocol static set policy-options policy-statement OSPF term Other from route-filter 0.0.0.0/0 exact set policy-options policy-statement OSPF term Other then metric 100 set policy-options policy-statement OSPF term Other then accept [edit] juniper@R2# [edit] juniper@R2# commit commit complete [edit] juniper@R2# [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:00:38 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:00:38 Local via ge-0/0/3.0 VR.inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 06:05:33 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:05:33 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:18:11 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:18:11 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:18:11 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:18:11 Local via ge-0/0/2.2 192.168.128.0/24 *[Direct/0] 00:07:01 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:07:01 Local via ge-0/0/3.0 224.0.0.5/32 *[OSPF/10] 4d 06:05:34, metric 1 MultiRecv TO_VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:07:01 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:07:01 Local via ge-0/0/3.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:07:01 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:07:01 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table inet.0 inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:00:51 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:00:51 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VR.inet.0 VR.inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 06:05:51 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:05:51 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:18:29 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:18:29 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:18:29 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:18:29 Local via ge-0/0/2.2 192.168.128.0/24 *[Direct/0] 00:07:19 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:07:19 Local via ge-0/0/3.0 224.0.0.5/32 *[OSPF/10] 4d 06:05:52, metric 1 MultiRecv [edit] juniper@R2# run show route table VPN.inet.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:07:24 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:07:24 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table TO_VAS.inet.0 TO_VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:07:37 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:07:37 Local via ge-0/0/3.0 [edit] juniper@R2# show routing-instances | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# SH ^ unknown command. juniper@R2# SHIN ^ unknown command. juniper@R2# deactivate interfaces ge-0/0/0 unit 0 family inet filter input [edit] juniper@R2# deactivate routing-instances TO_VAS [edit] juniper@R2# deactivate routing-instances V ^ 'V' is ambiguous. Possible completions: Routing instance name VPN Routing instance name VR Routing instance name [edit] juniper@R2# deactivate routing-instances VPN [edit] juniper@R2# deactivate firewall [edit] juniper@R2# show firewall | display set set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 set firewall family inet filter PBR term VPN then routing-instance VPN set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.180/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.62.172/32 set firewall family inet filter PBR term TO_VAS from destination-address 192.168.151.250/32 set firewall family inet filter PBR term TO_VAS from protocol tcp set firewall family inet filter PBR term TO_VAS from destination-port http set firewall family inet filter PBR term TO_VAS then routing-instance TO_VAS set firewall family inet filter PBR term OTHNER then accept deactivate firewall [edit] juniper@R2# show interfaces ge-0/0/0 | display set set interfaces ge-0/0/0 unit 0 family inet filter input PBR deactivate interfaces ge-0/0/0 unit 0 family inet filter input set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 [edit] juniper@R2# show routing-instances | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 deactivate routing-instances TO_VAS set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 deactivate routing-instances VPN set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show route table inet.0 inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:03:13 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:03:13 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VR.inet.0 VR.inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 06:08:12 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:08:12 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:20:50 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:20:50 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:20:50 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:20:50 Local via ge-0/0/2.2 192.168.128.0/24 *[Direct/0] 00:09:40 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:14 Local via ge-0/0/3.0 224.0.0.5/32 *[OSPF/10] 4d 06:08:13, metric 1 MultiRecv [edit] juniper@R2# show routing-instances | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 deactivate routing-instances TO_VAS set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 deactivate routing-instances VPN set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:03:54 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:03:54 Local via ge-0/0/3.0 VR.inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 06:08:49 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:08:49 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:21:27 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:21:27 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:21:27 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:21:27 Local via ge-0/0/2.2 192.168.128.0/24 *[Direct/0] 00:10:17 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:51 Local via ge-0/0/3.0 224.0.0.5/32 *[OSPF/10] 4d 06:08:50, metric 1 MultiRecv TO_VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:10:17 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:51 Local via ge-0/0/3.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:10:17 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:51 Local via ge-0/0/3.0 [edit] juniper@R2# [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:04:11 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:04:11 Local via ge-0/0/3.0 VR.inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 06:09:06 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:09:06 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:21:44 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:21:44 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:21:44 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:21:44 Local via ge-0/0/2.2 192.168.128.0/24 *[Direct/0] 00:10:34 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:01:08 Local via ge-0/0/3.0 224.0.0.5/32 *[OSPF/10] 4d 06:09:07, metric 1 MultiRecv TO_VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:10:34 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:01:08 Local via ge-0/0/3.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:10:34 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:01:08 Local via ge-0/0/3.0 [edit] juniper@R2# show routing-instances | display set set routing-instances TO_VAS instance-type forwarding set routing-instances TO_VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.23 deactivate routing-instances TO_VAS set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 next-hop 21.21.21.23 deactivate routing-instances VPN set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# [edit] juniper@R2# load override /var/tmp/OSPF-Redistributed-success load complete [edit] juniper@R2# show firewall | display set [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.0 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show interfaces | display set set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 set interfaces ge-0/0/2 unit 0 family inet address 23.1.1.2/24 set interfaces ge-0/0/3 unit 0 family inet address 192.168.128.145/24 [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:05:18 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:05:18 Local via ge-0/0/3.0 VR.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:00:06 > to 23.1.1.13 via ge-0/0/2.0 1.1.1.1/32 *[Static/5] 00:00:06 > to 23.1.1.13 via ge-0/0/2.0 2.2.2.2/32 *[Static/5] 00:00:06 > to 23.1.1.13 via ge-0/0/2.0 12.1.1.0/24 *[Direct/0] 4d 06:10:13 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:10:13 Local via ge-0/0/0.0 23.1.1.0/24 *[Direct/0] 00:00:06 > via ge-0/0/2.0 23.1.1.2/32 *[Local/0] 00:00:06 Local via ge-0/0/2.0 224.0.0.5/32 *[OSPF/10] 4d 06:10:14, metric 1 MultiRecv [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 unit 0 family inet address 23.1.1.2/24 [edit] juniper@R2# delete interfaces ge-0/0/2 [edit] juniper@R2# set interfaces ge-0/0/2 vlan-tagging [edit] juniper@R2# set interfaces ge-0/0/2.1 family inet address 21.21.21.21/24 [edit] juniper@R2# set interfaces ge-0/0/2.1 vlan-id 21 [edit] juniper@R2# set interfaces ge-0/0/2.2 vlan-id 22 [edit] juniper@R2# set interfaces ge-0/0/2.2 family inet address 22.22.22.22/24 [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.0 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# delete routing-instances VR in ^ 'in' is ambiguous. Possible completions: instance-type Type of routing instance > interface Interface name for this routing instance juniper@R2# delete routing-instances VR inge ^ syntax error. juniper@R2# delete routing-instances VR interface ge-0/0/2 [edit] juniper@R2# set routing-instances VR in ^ 'in' is ambiguous. Possible completions: instance-type Type of routing instance > interface Interface name for this routing instance juniper@R2# set routing-instances VR inge ^ syntax error. juniper@R2# set routing-instances VR interface ge-0/0/2.1 [edit] juniper@R2# set routing-instances VR interface ge-0/0/2.2 [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show interfaces terse | match ge-0/0/2 ge-0/0/2 up up ge-0/0/2.1 up up inet 21.21.21.21/24 ge-0/0/2.2 up up inet 22.22.22.22/24 ge-0/0/2.32767 up up [edit] juniper@R2# run ping 21.21.21.21 rapid PING 21.21.21.21 (21.21.21.21): 56 data bytes ping: sendto: No route to host .ping: sendto: No route to host .ping: sendto: No route to host .ping: sendto: No route to host .ping: sendto: No route to host . --- 21.21.21.21 ping statistics --- 5 packets transmitted, 0 packets received, 100% packet loss [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:07:38 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:07:38 Local via ge-0/0/3.0 VR.inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 06:12:33 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:12:33 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:00:21 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:00:21 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:00:21 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:00:21 Local via ge-0/0/2.2 224.0.0.5/32 *[OSPF/10] 4d 06:12:34, metric 1 MultiRecv [edit] juniper@R2# run ping 21.21.21.21 rapid PING 21.21.21.21 (21.21.21.21): 56 data bytes ping: sendto: No route to host .ping: sendto: No route to host .ping: sendto: No route to host .ping: sendto: No route to host .ping: sendto: No route to host . --- 21.21.21.21 ping statistics --- 5 packets transmitted, 0 packets received, 100% packet loss [edit] juniper@R2# run ping 21.21.21.21 rapid in ^ 'in' is ambiguous. Possible completions: inet Force ping to IPv4 destination inet6 Force ping to IPv6 destination interface Source interface (multicast, all-ones, unrouted packets) interval Delay between ping requests (seconds) juniper@R2# run ping 21.21.21.21 rapid ins ^ syntax error. juniper@R2# run ping 21.21.21.21 rapid ins ^ syntax error. juniper@R2# run ping 21.21.21.21 rapid routing-instance VR PING 21.21.21.21 (21.21.21.21): 56 data bytes !!!!! --- 21.21.21.21 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.068/0.114/0.203/0.052 ms [edit] juniper@R2# run ping 22.22.22.22 rapid routing-instance VR PING 22.22.22.22 (22.22.22.22): 56 data bytes !!!!! --- 22.22.22.22 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.119/0.183/0.290/0.063 ms [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:08:18 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:08:18 Local via ge-0/0/3.0 VR.inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 06:13:13 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:13:13 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:01:01 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:01:01 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:01:01 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:01:01 Local via ge-0/0/2.2 224.0.0.5/32 *[OSPF/10] 4d 06:13:14, metric 1 MultiRecv [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# delete routing-instances VRin ge ^ syntax error. juniper@R2# delete routing-instances VR in ^ 'in' is ambiguous. Possible completions: instance-type Type of routing instance > interface Interface name for this routing instance juniper@R2# delete routing-instances VR inge ^ syntax error. juniper@R2# delete routing-instances VR interface ge-0/0/2.2 [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show route inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 22.22.22.0/24 *[Direct/0] 00:00:05 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:00:05 Local via ge-0/0/2.2 192.168.128.0/24 *[Direct/0] 5d 02:09:08 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:09:08 Local via ge-0/0/3.0 VR.inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 4d 06:14:03 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:14:03 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:01:51 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:01:51 Local via ge-0/0/2.1 224.0.0.5/32 *[OSPF/10] 4d 06:14:04, metric 1 MultiRecv [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show interfaces | display set | match 23.1.1. [edit] juniper@R2# show interfaces | display set | match 23.1.1. [edit] juniper@R2# load override /var/tmp/OSPF-Redistributed-success load complete [edit] juniper@R2# show interfaces | display set set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 set interfaces ge-0/0/2 unit 0 family inet address 23.1.1.2/24 set interfaces ge-0/0/3 unit 0 family inet address 192.168.128.145/24 [edit] juniper@R2# exit The configuration has been changed but not committed warning: Auto rollback on exiting 'configure exclusive' Discard uncommitted changes? [yes,no] (yes) yes warning: discarding uncommitted changes Exiting configuration mode juniper@R2> configure Entering configuration mode Users currently editing the configuration: juniper terminal d0 (pid 17092) on since 2011-06-03 11:20:48 HKT, idle 4d 06:14 [edit] [edit] juniper@R2# [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 [edit] juniper@R2# set interfaces ge-0/0/2.3 vlan-id 23 [edit] juniper@R2# set interfaces ge-0/0/2.3 family inet address 23.1.1.2/24 [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 set interfaces ge-0/0/2 unit 3 vlan-id 23 set interfaces ge-0/0/2 unit 3 family inet address 23.1.1.2/24 [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# delete interfaces ge-0/0/2.3 [edit] juniper@R2# set interfaces ge-0/0/2 unit 3 vlan-id 23 [edit] juniper@R2# set interfaces ge-0/0/2 unit 3 family inet address 23.23.23.23/24 [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 set interfaces ge-0/0/2 unit 3 vlan-id 23 set interfaces ge-0/0/2 unit 3 family inet address 23.23.23.23/24 [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# re ^ 're' is ambiguous. Possible completions: rename Rename a statement replace Replace character string in configuration juniper@R2# replace pattern "next-hop 23.1.1.13" WI ^ syntax error. juniper@R2# replace pattern "next-hop 23.1.1.13" with "next-hop 23.23.23.24" [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.1.1.13 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.1.1.13 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# show interfaces | display set | match ge-0/0/2 set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 set interfaces ge-0/0/2 unit 3 vlan-id 23 set interfaces ge-0/0/2 unit 3 family inet address 23.23.23.23/24 [edit] juniper@R2# delete routing-instances VR routing-options static route 1.1.1.1/32 next-hop [edit] juniper@R2# set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 [edit] juniper@R2# delete routing-instances VR routing-options static route 2.2.2.2/32 next-hop [edit] juniper@R2# set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 [edit] juniper@R2# delete routing-instances VR routing-options static route 0.0.0.0/0 next-hop [edit] juniper@R2# set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show interfaces ge-0/0/2 | display set set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 set interfaces ge-0/0/2 unit 3 vlan-id 23 set interfaces ge-0/0/2 unit 3 family inet address 23.23.23.23/24 [edit] juniper@R2# set routing-instances VR in ^ 'in' is ambiguous. Possible completions: instance-type Type of routing instance > interface Interface name for this routing instance juniper@R2# set routing-instances VR inge ^ syntax error. juniper@R2# set routing-instances VR it ^ syntax error. juniper@R2# set routing-instances VR in ^ 'in' is ambiguous. Possible completions: instance-type Type of routing instance > interface Interface name for this routing instance juniper@R2# set routing-instances VR interface ge ^ missing or invalid fpc number in 'ge' at 'ge' Possible completions: Interface name ge-0/0/0 ge-0/0/0.0 Interface name ge-0/0/2 ge-0/0/2.1 Interface name ge-0/0/3 juniper@R2# set routing-instances VR interface ge-0/0/2.2 [edit] juniper@R2# set routing-instances VR interface ge-0/0/2.3 [edit] juniper@R2# show interfaces | display set | match 0/0/2 set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 set interfaces ge-0/0/2 unit 3 vlan-id 23 set interfaces ge-0/0/2 unit 3 family inet address 23.23.23.23/24 [edit] juniper@R2# show routing-instances | display set set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:14:20 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:14:20 Local via ge-0/0/3.0 VR.inet.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:00:06 > to 23.23.23.24 via ge-0/0/2.3 1.1.1.1/32 *[Static/5] 00:00:06 > to 23.23.23.24 via ge-0/0/2.3 2.2.2.2/32 *[Static/5] 00:00:06 > to 23.23.23.24 via ge-0/0/2.3 12.1.1.0/24 *[Direct/0] 4d 06:19:15 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:19:15 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:07:03 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:07:03 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:00:06 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:00:06 Local via ge-0/0/2.2 23.23.23.0/24 *[Direct/0] 00:00:06 > via ge-0/0/2.3 23.23.23.23/32 *[Local/0] 00:00:06 Local via ge-0/0/2.3 224.0.0.5/32 *[OSPF/10] 4d 06:19:16, metric 1 MultiRecv [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# set routing-instances VPN instance-type forwarding [edit] juniper@R2# set routing-ini ^ syntax error. juniper@R2# set routing-instances VPN routing-options options st ^ syntax error. juniper@R2# set routing-instances VPN routing-options options st ^ syntax error. juniper@R2# set routing-instances VPN routing-options static route 0/0 n ^ 'n' is ambiguous. Possible completions: + next-hop Next hop to destination next-table Next hop to another table no-install Don't install route into forwarding table no-readvertise Don't mark route as eligible to be readvertised no-resolve Don't allow resolution of indirectly connected next hops no-retain Don't always keep route in forwarding table juniper@R2# set routing-instances VPN routing-options static route 0/0 nh ^ syntax error. juniper@R2# set routing-instances VPN routing-options static route 0/0 qualified-next-hop 21.21.21.24 [edit] juniper@R2# set routing-instances VAS routing-options static route 0/0 qualified-next-hop 22.22.22.24 [edit] juniper@R2# show routing-instances | display set | match 0/0 set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 [edit] juniper@R2# set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 [edit] juniper@R2# set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 [edit] juniper@R2# set firewall family inet filter PBR term VPN then ins ^ syntax error. juniper@R2# set firewall family inet filter PBR term VPN then routing-instance VPN [edit] juniper@R2# set firewall family inet filter PBR term VAS from protocol tcp [edit] juniper@R2# set firewall family inet filter PBR term VAS from destination-port http [edit] juniper@R2# set firewall family inet filter PBR term VAS from destination- ^ 'destination-' is ambiguous. Possible completions: > destination-address Match IP destination address + destination-port Match TCP/UDP destination port + destination-port-except Do not match TCP/UDP destination port > destination-prefix-list Match IP destination prefixes in named list juniper@R2# set firewall family inet filter PBR term VAS from destination-address 192.168.58.53/32 [edit] juniper@R2# set firewall family inet filter PBR term VAS from destination-address 192.168.58.111/32 [edit] juniper@R2# delete firewall family inet filter PBR term VAS [edit] juniper@R2# set firewall family inet filter PBR term VAS from protocol tcp [edit] juniper@R2# set firewall family inet filter PBR term VAS from protocol de ^ range: 'de': Must be a numerical protocol value or range between 0-255 at 'de' juniper@R2# set firewall family inet filter PBR term VAS from destination-p ^ 'destination-p' is ambiguous. Possible completions: + destination-port Match TCP/UDP destination port + destination-port-except Do not match TCP/UDP destination port > destination-prefix-list Match IP destination prefixes in named list juniper@R2# set firewall family inet filter PBR term VAS from destination-port http [edit] juniper@R2# set firewall family inet filter PBR term VAS from destination-address 192.168.62.180/32 [edit] juniper@R2# set firewall family inet filter PBR term VAS from destination-address 192.168.62.172/32 [edit] juniper@R2# set firewall family inet filter PBR term VAS from destination-address 192.168.151.250/32 [edit] juniper@R2# set firewall family inet filter PBR term VAS then routing-instance V ^ 'V' is ambiguous. Possible completions: Name of routing instance VAS VPN VR [edit] juniper@R2# set firewall family inet filter PBR term VAS then routing-instance VAS [edit] juniper@R2# set firewall family inet filter PBR term V ^ 'V' is ambiguous. Possible completions: Term name VAS Term name VPN Term name [edit] juniper@R2# set firewall family inet filter PBR term VAS-2 from destination-address 192.168.58.53/32 [edit] juniper@R2# set firewall family inet filter PBR term VAS-2 from destination-address 192.168.58.111/32 [edit] juniper@R2# set firewall family inet filter PBR term VAS-2 then routing-instance VAS [edit] juniper@R2# set firewall family inet filter PBR term OTHER then accept [edit] juniper@R2# set routing-options in ^ 'in' is ambiguous. Possible completions: + instance-export Export policy for instance RIBs + instance-import Import policy for instance RIBs > interface-routes Define routing table groups for interface routes juniper@R2# set routing-options interface-routes rib-group inet PBR [edit] juniper@R2# set routing-options rib-groups PBR import-rib inet.0 [edit] juniper@R2# set routing-options rib-groups PBR import-rib VPN.inet.0 [edit] juniper@R2# set routing-options rib-groups PBR import-rib VAS.inet.0 [edit] juniper@R2# set interfaces ge-0/0/0 unit 0 family inet filter input PBR [edit] juniper@R2# [edit] juniper@R2# show routing-instances | display set set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show firewall | display set set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 set firewall family inet filter PBR term VPN then routing-instance VPN set firewall family inet filter PBR term VAS from destination-address 192.168.62.180/32 set firewall family inet filter PBR term VAS from destination-address 192.168.62.172/32 set firewall family inet filter PBR term VAS from destination-address 192.168.151.250/32 set firewall family inet filter PBR term VAS from protocol tcp set firewall family inet filter PBR term VAS from destination-port http set firewall family inet filter PBR term VAS then routing-instance VAS set firewall family inet filter PBR term VAS-2 from destination-address 192.168.58.53/32 set firewall family inet filter PBR term VAS-2 from destination-address 192.168.58.111/32 set firewall family inet filter PBR term VAS-2 then routing-instance VAS set firewall family inet filter PBR term OTHER then accept [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 [edit] juniper@R2# s ^ 's' is ambiguous. Possible completions: save Save configuration to ASCII file set Set a parameter show Show a parameter status Show users currently editing configuration juniper@R2# show interfaces ge-0/0/0 | display set set interfaces ge-0/0/0 unit 0 family inet filter input PBR set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 [edit] juniper@R2# run show ospf database external OSPF instance is not running [edit] juniper@R2# run show ospf database external instance VR OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern *0.0.0.0 12.1.1.2 0x80000001 442 0x22 0x65d8 36 Extern *1.1.1.1 12.1.1.2 0x80000001 442 0x22 0xd86a 36 Extern *2.2.2.2 12.1.1.2 0x80000001 442 0x22 0x25b 36 [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show ospf database external instance VR OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern *0.0.0.0 12.1.1.2 0x80000001 454 0x22 0x65d8 36 Extern *1.1.1.1 12.1.1.2 0x80000001 454 0x22 0xd86a 36 Extern *2.2.2.2 12.1.1.2 0x80000001 454 0x22 0x25b 36 [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:21:51 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:21:51 Local via ge-0/0/3.0 VR.inet.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:07:37 > to 23.23.23.24 via ge-0/0/2.3 1.1.1.1/32 *[Static/5] 00:07:37 > to 23.23.23.24 via ge-0/0/2.3 2.2.2.2/32 *[Static/5] 00:07:37 > to 23.23.23.24 via ge-0/0/2.3 12.1.1.0/24 *[Direct/0] 4d 06:26:46 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:26:46 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:14:34 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:14:34 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:07:37 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:07:37 Local via ge-0/0/2.2 23.23.23.0/24 *[Direct/0] 00:07:37 > via ge-0/0/2.3 23.23.23.23/32 *[Local/0] 00:07:37 Local via ge-0/0/2.3 224.0.0.5/32 *[OSPF/10] 4d 06:26:47, metric 1 MultiRecv VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:10 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:10 Local via ge-0/0/3.0 VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:10 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:10 Local via ge-0/0/3.0 [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# run show route table inet.0 inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:21:59 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:21:59 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VPN.inet.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:24 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:24 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VR.inet.0 VR.inet.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:07:57 > to 23.23.23.24 via ge-0/0/2.3 1.1.1.1/32 *[Static/5] 00:07:57 > to 23.23.23.24 via ge-0/0/2.3 2.2.2.2/32 *[Static/5] 00:07:57 > to 23.23.23.24 via ge-0/0/2.3 12.1.1.0/24 *[Direct/0] 4d 06:27:06 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:27:06 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:14:54 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:14:54 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:07:57 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:07:57 Local via ge-0/0/2.2 23.23.23.0/24 *[Direct/0] 00:07:57 > via ge-0/0/2.3 23.23.23.23/32 *[Local/0] 00:07:57 Local via ge-0/0/2.3 224.0.0.5/32 *[OSPF/10] 4d 06:27:07, metric 1 MultiRecv [edit] juniper@R2# run show route table VAS.inet.0 VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:37 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:37 Local via ge-0/0/3.0 [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 [edit] juniper@R2# set routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# commit commit complete [edit] juniper@R2# [edit] juniper@R2# s ^ 's' is ambiguous. Possible completions: save Save configuration to ASCII file set Set a parameter show Show a parameter status Show users currently editing configuration juniper@R2# show routing-instances | display set set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# run show ospf database external extensive instance VR OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern *0.0.0.0 12.1.1.2 0x80000001 529 0x22 0x65d8 36 mask 0.0.0.0 Topology default (ID 0) Type: 2, Metric: 100, Fwd addr: 0.0.0.0, Tag: 0.0.0.0 Gen timer 00:41:10 Aging timer 00:51:10 Installed 00:08:49 ago, expires in 00:51:11, sent 00:08:49 ago Last changed 00:08:49 ago, Change count: 1, Ours Extern *1.1.1.1 12.1.1.2 0x80000001 529 0x22 0xd86a 36 mask 255.255.255.255 Topology default (ID 0) Type: 2, Metric: 1111, Fwd addr: 0.0.0.0, Tag: 0.0.0.0 Gen timer 00:15:20 Aging timer 00:51:10 Installed 00:08:49 ago, expires in 00:51:11, sent 00:08:49 ago Last changed 00:08:49 ago, Change count: 1, Ours Extern *2.2.2.2 12.1.1.2 0x80000001 529 0x22 0x25b 36 mask 255.255.255.255 Topology default (ID 0) Type: 1, Metric: 444, Fwd addr: 0.0.0.0, Tag: 0.0.0.0 Gen timer 00:26:23 Aging timer 00:51:10 Installed 00:08:49 ago, expires in 00:51:11, sent 00:08:49 ago Last changed 00:08:49 ago, Change count: 1, Ours [edit] juniper@R2# run show ospf database external instance VR OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern *0.0.0.0 12.1.1.2 0x80000001 537 0x22 0x65d8 36 Extern *1.1.1.1 12.1.1.2 0x80000001 537 0x22 0xd86a 36 Extern *2.2.2.2 12.1.1.2 0x80000001 537 0x22 0x25b 36 [edit] juniper@R2# run show ospf database external instance VPN OSPF instance is not running [edit] juniper@R2# run show route inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:23:22 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:23:22 Local via ge-0/0/3.0 VR.inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:09:08 > to 23.23.23.24 via ge-0/0/2.3 1.1.1.1/32 *[Static/5] 00:09:08 > to 23.23.23.24 via ge-0/0/2.3 2.2.2.2/32 *[Static/5] 00:09:08 > to 23.23.23.24 via ge-0/0/2.3 12.1.1.0/24 *[Direct/0] 4d 06:28:17 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:28:17 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:16:05 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:16:05 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:09:08 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:09:08 Local via ge-0/0/2.2 23.23.23.0/24 *[Direct/0] 00:09:08 > via ge-0/0/2.3 23.23.23.23/32 *[Local/0] 00:09:08 Local via ge-0/0/2.3 192.168.128.0/24 *[Direct/0] 00:00:38 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:38 Local via ge-0/0/3.0 224.0.0.5/32 *[OSPF/10] 4d 06:28:18, metric 1 MultiRecv VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:38 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:38 Local via ge-0/0/3.0 VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:38 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:38 Local via ge-0/0/3.0 [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# run show route table inet.0 inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 5d 02:23:29 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:23:29 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VPN.inet.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:49 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:49 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VAS.inet.0 VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:01:01 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:01:01 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VR.inet.0 VR.inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:09:36 > to 23.23.23.24 via ge-0/0/2.3 1.1.1.1/32 *[Static/5] 00:09:36 > to 23.23.23.24 via ge-0/0/2.3 2.2.2.2/32 *[Static/5] 00:09:36 > to 23.23.23.24 via ge-0/0/2.3 12.1.1.0/24 *[Direct/0] 4d 06:28:45 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 4d 06:28:45 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:16:33 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:16:33 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:09:36 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:09:36 Local via ge-0/0/2.2 23.23.23.0/24 *[Direct/0] 00:09:36 > via ge-0/0/2.3 23.23.23.23/32 *[Local/0] 00:09:36 Local via ge-0/0/2.3 192.168.128.0/24 *[Direct/0] 00:01:06 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:01:06 Local via ge-0/0/3.0 224.0.0.5/32 *[OSPF/10] 4d 06:28:46, metric 1 MultiRecv [edit] juniper@R2# show routing-instances | display set set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# set routing-instances V ^ 'V' is ambiguous. Possible completions: Routing instance name VAS Routing instance name VPN Routing instance name VR Routing instance name [edit] juniper@R2# set routing-instances VAS instance-type forwarding [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# show routing-instances | display set set routing-instances VAS instance-type forwarding set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show route table VPN.inet.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:02:18 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:10 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VAS.inet.0 VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:02:23 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:15 Local via ge-0/0/3.0 [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# show routing-instances | display set set routing-instances VAS instance-type forwarding set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# delete routing-instances VR [edit] juniper@R2# show routing-instances | display set set routing-instances VAS instance-type forwarding set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 [edit] juniper@R2# show firewall | display set set firewall family inet filter PBR term VPN from destination-address 192.168.55.1/32 set firewall family inet filter PBR term VPN from destination-address 69.17.117.207/32 set firewall family inet filter PBR term VPN from destination-address 203.186.52.24/32 set firewall family inet filter PBR term VPN then routing-instance VPN set firewall family inet filter PBR term VAS from destination-address 192.168.62.180/32 set firewall family inet filter PBR term VAS from destination-address 192.168.62.172/32 set firewall family inet filter PBR term VAS from destination-address 192.168.151.250/32 set firewall family inet filter PBR term VAS from protocol tcp set firewall family inet filter PBR term VAS from destination-port http set firewall family inet filter PBR term VAS then routing-instance VAS set firewall family inet filter PBR term VAS-2 from destination-address 192.168.58.53/32 set firewall family inet filter PBR term VAS-2 from destination-address 192.168.58.111/32 set firewall family inet filter PBR term VAS-2 then routing-instance VAS set firewall family inet filter PBR term OTHER then accept [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# delete routing-options rib-groups PBR import-rib V ^ 'V' is ambiguous. Possible completions: Import routing table VAS.inet.0 Import routing table VPN.inet.0 Import routing table VR.inet.0 Import routing table [edit] juniper@R2# delete routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 [edit] juniper@R2# show interfaces | display set set interfaces ge-0/0/0 unit 0 family inet filter input PBR set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 set interfaces ge-0/0/2 unit 3 vlan-id 23 set interfaces ge-0/0/2 unit 3 family inet address 23.23.23.23/24 set interfaces ge-0/0/3 unit 0 family inet address 192.168.128.145/24 [edit] juniper@R2# [edit] juniper@R2# commit [edit policy-options policy-statement OSPF term 1 from instance] 'instance VR' no instance VR error: configuration check-out failed [edit] juniper@R2# delete policy-options [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show route table inet.0 inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 12.1.1.0/24 *[Direct/0] 00:00:09 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 00:00:09 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:00:09 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:00:09 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:00:09 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:00:09 Local via ge-0/0/2.2 23.23.23.0/24 *[Direct/0] 00:00:09 > via ge-0/0/2.3 23.23.23.23/32 *[Local/0] 00:00:09 Local via ge-0/0/2.3 192.168.128.0/24 *[Direct/0] 5d 02:38:30 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 5d 02:38:30 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VPN.inet.0 VPN.inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:00:14 > to 21.21.21.24 via ge-0/0/2.1 12.1.1.0/24 *[Direct/0] 00:00:14 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 00:00:14 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:00:14 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:00:14 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:00:14 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:00:14 Local via ge-0/0/2.2 23.23.23.0/24 *[Direct/0] 00:00:14 > via ge-0/0/2.3 23.23.23.23/32 *[Local/0] 00:00:14 Local via ge-0/0/2.3 192.168.128.0/24 *[Direct/0] 00:00:15 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:15 Local via ge-0/0/3.0 [edit] juniper@R2# run show route table VAS.inet.0 VAS.inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:00:19 > to 22.22.22.24 via ge-0/0/2.2 12.1.1.0/24 *[Direct/0] 00:00:19 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 00:00:19 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:00:19 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:00:19 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:00:19 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:00:19 Local via ge-0/0/2.2 23.23.23.0/24 *[Direct/0] 00:00:19 > via ge-0/0/2.3 23.23.23.23/32 *[Local/0] 00:00:19 Local via ge-0/0/2.3 192.168.128.0/24 *[Direct/0] 00:00:20 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:20 Local via ge-0/0/3.0 [edit] juniper@R2# rollback 1 load complete [edit] juniper@R2# show routing-instances | display set set routing-instances VAS instance-type forwarding set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# show policy-options | display set set policy-options policy-statement OSPF term 1 from instance VR set policy-options policy-statement OSPF term 1 from protocol static set policy-options policy-statement OSPF term 1 from route-filter 1.1.1.1/32 exact set policy-options policy-statement OSPF term 1 then metric 1111 set policy-options policy-statement OSPF term 1 then external type 2 set policy-options policy-statement OSPF term 1 then accept set policy-options policy-statement OSPF term 2 from instance VR set policy-options policy-statement OSPF term 2 from protocol static set policy-options policy-statement OSPF term 2 from route-filter 2.2.2.2/32 exact set policy-options policy-statement OSPF term 2 then metric 444 set policy-options policy-statement OSPF term 2 then external type 1 set policy-options policy-statement OSPF term 2 then accept set policy-options policy-statement OSPF term Other from protocol static set policy-options policy-statement OSPF term Other from route-filter 0.0.0.0/0 exact set policy-options policy-statement OSPF term Other then metric 100 set policy-options policy-statement OSPF term Other then accept [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# show interfaces | display set set interfaces ge-0/0/0 unit 0 family inet filter input PBR set interfaces ge-0/0/0 unit 0 family inet address 12.1.1.2/24 set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 unit 1 vlan-id 21 set interfaces ge-0/0/2 unit 1 family inet address 21.21.21.21/24 set interfaces ge-0/0/2 unit 2 vlan-id 22 set interfaces ge-0/0/2 unit 2 family inet address 22.22.22.22/24 set interfaces ge-0/0/2 unit 3 vlan-id 23 set interfaces ge-0/0/2 unit 3 family inet address 23.23.23.23/24 set interfaces ge-0/0/3 unit 0 family inet address 192.168.128.145/24 [edit] juniper@R2# insert routing-options rib-groups PBR import-rib VR.inet.0 after inet.0 [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 [edit] juniper@R2# commit commit complete [edit] juniper@R2# [edit] juniper@R2# run show route table VR.inet.0 VR.inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:00:09 > to 23.23.23.24 via ge-0/0/2.3 1.1.1.1/32 *[Static/5] 00:00:09 > to 23.23.23.24 via ge-0/0/2.3 2.2.2.2/32 *[Static/5] 00:00:09 > to 23.23.23.24 via ge-0/0/2.3 12.1.1.0/24 *[Direct/0] 00:00:09 > via ge-0/0/0.0 12.1.1.2/32 *[Local/0] 00:00:09 Local via ge-0/0/0.0 21.21.21.0/24 *[Direct/0] 00:00:09 > via ge-0/0/2.1 21.21.21.21/32 *[Local/0] 00:00:09 Local via ge-0/0/2.1 22.22.22.0/24 *[Direct/0] 00:00:09 > via ge-0/0/2.2 22.22.22.22/32 *[Local/0] 00:00:09 Local via ge-0/0/2.2 23.23.23.0/24 *[Direct/0] 00:00:09 > via ge-0/0/2.3 23.23.23.23/32 *[Local/0] 00:00:09 Local via ge-0/0/2.3 192.168.128.0/24 *[Direct/0] 00:00:09 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:09 Local via ge-0/0/3.0 224.0.0.5/32 *[OSPF/10] 00:00:09, metric 1 MultiRecv [edit] juniper@R2# run show route t ^ 't' is ambiguous. Possible completions: IP address and optional prefix length of destination table Name of routing table terse Display terse output [edit] juniper@R2# run show route table VPN.inet.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:16 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:16 Local via ge-0/0/3.0 [edit] juniper@R2# rollback 1 load complete [edit] juniper@R2# show | compare [edit routing-options rib-groups PBR] - import-rib [ inet.0 VR.inet.0 VPN.inet.0 VAS.inet.0 ]; + import-rib [ inet.0 VPN.inet.0 VAS.inet.0 ]; [edit] - policy-options { - policy-statement OSPF { - term 1 { - from { - instance VR; - protocol static; - route-filter 1.1.1.1/32 exact; - } - then { - metric 1111; - external { - type 2; - } - accept; - } - } - term 2 { - from { - instance VR; - protocol static; - route-filter 2.2.2.2/32 exact; - } - then { - metric 444; - external { - type 1; - } - accept; - } - } - term Other { - from { - protocol static; - route-filter 0.0.0.0/0 exact; - } - then { [edit] juniper@R2# exit The configuration has been changed but not committed Exit with uncommitted changes? [yes,no] (yes) yes Exiting configuration mode juniper@R2> configure Entering configuration mode Users currently editing the configuration: juniper terminal d0 (pid 17092) on since 2011-06-03 11:20:48 HKT, idle 4d 06:44 [edit] The configuration has been changed but not committed [edit] juniper@R2# [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 [edit] juniper@R2# show policy-options | display ^ syntax error, expecting . [edit] juniper@R2# show policy-options | display set [edit] juniper@R2# rollback 1 load complete [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 [edit] juniper@R2# show policy-options | display set [edit] juniper@R2# rollback 2 load complete [edit] juniper@R2# show policy-options | display set set policy-options policy-statement OSPF term 1 from instance VR set policy-options policy-statement OSPF term 1 from protocol static set policy-options policy-statement OSPF term 1 from route-filter 1.1.1.1/32 exact set policy-options policy-statement OSPF term 1 then metric 1111 set policy-options policy-statement OSPF term 1 then external type 2 set policy-options policy-statement OSPF term 1 then accept set policy-options policy-statement OSPF term 2 from instance VR set policy-options policy-statement OSPF term 2 from protocol static set policy-options policy-statement OSPF term 2 from route-filter 2.2.2.2/32 exact set policy-options policy-statement OSPF term 2 then metric 444 set policy-options policy-statement OSPF term 2 then external type 1 set policy-options policy-statement OSPF term 2 then accept set policy-options policy-statement OSPF term Other from protocol static set policy-options policy-statement OSPF term Other from route-filter 0.0.0.0/0 exact set policy-options policy-statement OSPF term Other then metric 100 set policy-options policy-statement OSPF term Other then accept [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 [edit] juniper@R2# inset ^ unknown command. juniper@R2# insert routing-options rib-groups PBR import-rib VR.inet.0 after inet.0 [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 [edit] juniper@R2# show | compare [edit] juniper@R2# ccom ^ unknown command. juniper@R2# ccom ^ unknown command. [edit] juniper@R2# commit commit complete [edit] juniper@R2# [edit] juniper@R2# show routing-options | display set set routing-options interface-routes rib-group inet PBR set routing-options rib-groups PBR import-rib inet.0 set routing-options rib-groups PBR import-rib VR.inet.0 set routing-options rib-groups PBR import-rib VPN.inet.0 set routing-options rib-groups PBR import-rib VAS.inet.0 [edit] juniper@R2# run show route table VPN.inet.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:15 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:15 Local via ge-0/0/3.0 [edit] juniper@R2# show routing-instances | display set set routing-instances VAS instance-type forwarding set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# delete routing-instances VR pro ^ 'pro' is ambiguous. Possible completions: > protocols Routing protocol configuration > provider-tunnel Provider tunnel configuration [edit] juniper@R2# delete routing-instances VR protocols ospf [edit] juniper@R2# show routing-instances | display set set routing-instances VAS instance-type forwarding set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 [edit] juniper@R2# commit commit complete [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# run show route table VPN.inet.0 VPN.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:52 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:15 Local via ge-0/0/3.0 [edit] juniper@R2# [edit] juniper@R2# show routing-instances | display set set routing-instances VAS instance-type forwarding set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 [edit] juniper@R2# rollback 1 load complete [edit] juniper@R2# show routing-instances | display set set routing-instances VAS instance-type forwarding set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VPN instance-type forwarding set routing-instances VPN routing-options static route 0.0.0.0/0 qualified-next-hop 21.21.21.24 set routing-instances VR instance-type virtual-router set routing-instances VR interface ge-0/0/0.0 set routing-instances VR interface ge-0/0/2.1 set routing-instances VR interface ge-0/0/2.2 set routing-instances VR interface ge-0/0/2.3 set routing-instances VR routing-options static route 1.1.1.1/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 2.2.2.2/32 next-hop 23.23.23.24 set routing-instances VR routing-options static route 0.0.0.0/0 next-hop 23.23.23.24 set routing-instances VR protocols ospf export OSPF set routing-instances VR protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p [edit] juniper@R2# set routing-instances V ^ 'V' is ambiguous. Possible completions: Routing instance name VAS Routing instance name VPN Routing instance name VR Routing instance name [edit] juniper@R2# set routing-instances VAS routo ^ syntax error. juniper@R2# set routing-instances VAS routing-options options st ^ syntax error. juniper@R2# set routing-instances VAS routing-options options stro ^ syntax error. juniper@R2# set routing-instances VAS routing-options static route 192.168.1.1/32 next-hop 22.22.22.24 [edit] juniper@R2# show routing-instances VAS | display set set routing-instances VAS instance-type forwarding set routing-instances VAS routing-options static route 0.0.0.0/0 qualified-next-hop 22.22.22.24 set routing-instances VAS routing-options static route 192.168.1.1/32 next-hop 22.22.22.24 [edit] juniper@R2# commit commit complete [edit] juniper@R2# run show route table VAS.inet.0 VAS.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.128.0/24 *[Direct/0] 00:00:11 > via ge-0/0/3.0 192.168.128.145/32 *[Local/0] 00:00:11 Local via ge-0/0/3.0 [edit] juniper@R2# [edit] juniper@R2# [edit] juniper@R2# exit Exiting configuration mode juniper@R2> configure Entering configuration mode Users currently editing the configuration: juniper terminal d0 (pid 17092) on since 2011-06-03 11:20:48 HKT, idle 4d 06:54 [edit] [edit] juniper@R2# [edit] juniper@R2# save /var/tmp/FBF-FAIL Wrote 228 lines of configuration to '/var/tmp/FBF-FAIL' [edit] juniper@R2# exit Exiting configuration mode juniper@R2> exit Connection closed by foreign host. [root@localhost ~]# exit logout